issues
search
chainreactors
/
picker
将你的repo变为讨论社区
GNU General Public License v3.0
104
stars
19
forks
source link
[每日信息流] 2024-08-08
#615
Closed
chainreactorbot
closed
2 weeks ago
chainreactorbot
commented
1 month ago
每日安全资讯(2024-08-08)
SecWiki News
[ ]
SecWiki News 2024-08-07 Review
M0rk's Blog
[ ]
Linux LKM Rootkit简介与排查
奇安信攻防社区
[ ]
记一次前端断点调试到管理员登陆
paper - Last paper
[ ]
Building a Local Security AI Big Model Attack and Defence Knowledge Base from Scratch
[ ]
从零开始搭建本地安全 AI 大模型攻防知识库
安全客-有思想的安全新媒体
[ ]
黑客入侵了MDM公司Mobile Guardian并清除了数千台设备的数据
[ ]
微软回击达美航空及其法律威胁
[ ]
联邦贸易委员会(FTC)警告消费者提防那些提供清除信用报告中所有负面信息的骗子
[ ]
国际刑警组织在新加坡有史以来最大的BEC诈骗案中追回了4100万美元
[ ]
CrowdStrike 聘请了两家外部安全公司对代码进行审查
[ ]
CISA 将 Microsoft COM for Windows bug 添加到其已知利用的漏洞目录中
[ ]
勒索软件团伙利用伪装成 IP 扫描仪的新型 RAT 攻击 IT 工作者
[ ]
研究人员发现威胁行为者使用多年的 MotW 绕过技术
[ ]
新的 Android 间谍软件 LianSpy 使用 Yandex Cloud 逃避检测
[ ]
寻找明星场景·赋能垂直领域,ISC.AI 2024安全大模型联合峰会圆满召开
Security Boulevard
[ ]
Democracy’s Challenge: Secure Elections Worldwide
[ ]
USENIX Security ’23 – Eos: Efficient Private Delegation of zkSNARK Provers
[ ]
D3 Introduces Program to Help SOC Teams Migrate Successfully from Legacy SOAR
[ ]
Student Devices Wiped — Mobile Guardian Hacked AGAIN
[ ]
Windows Downdate: Downgrade Attacks Using Windows Updates
[ ]
Botnet 7777: Are You Betting on a Compromised Router?
[ ]
Randall Munroe’s XKCD ‘Matter’
[ ]
How Sonar Helps Meeting NIST SSDF Code Security Requirements
[ ]
Tenable Adds Ability to Prioritize Vulnerabilities by Threat Level
[ ]
How Escape’s agentless API discovery technology works
Trustwave Blog
[ ]
Unleashing the Power of Microsoft Security with Trustwave
[ ]
How to Limit Extra Costs When Implementing Microsoft E5 Security Products
Recent Commits to cve:main
[ ]
Update Wed Aug 7 22:31:46 UTC 2024
[ ]
Update Wed Aug 7 14:34:30 UTC 2024
[ ]
Update Wed Aug 7 06:26:17 UTC 2024
Der Flounder
[ ]
Using the Jamf Pro agent to set computer name to match the Mac’s hardware serial number on macOS Sonoma
Doonsec's feed
[ ]
0day专项很慌?亿赛通0day专项已经发布漏洞补丁
[ ]
Hvv-day13威胁情报日记
[ ]
缓冲区溢出与潜意识防御机制
[ ]
Linux LKM简介
[ ]
ISC.AI 2024赛博文化街:老周惊喜探馆,共赏极客潮流!
[ ]
zip加密文件破解工具
[ ]
【漏洞预警】Apache CloudStack 权限提升漏洞(CVE-2024-42062)
[ ]
Tomcat文件上传绕WAF姿势深入研究
[ ]
关于网传199事件—EDUSRC邀请码
[ ]
SNL团队夏季招新
[ ]
懂开发的网安人才,到底有多吃香?
[ ]
【突发】国内大量家用路由器网络访问异常和流量劫持事件分析
[ ]
【0807】重保演习每日情报汇总
[ ]
某微云桥addResume存在任意文件上传漏洞
[ ]
4.Wireshark导出SMTP钓鱼邮件
[ ]
【成功复现】Apache OFBiz代码执行漏洞(CVE-2024-38856)
[ ]
【休闲】超清晰护网说唱合集!
[ ]
PwnLab: init-文件包含、shell反弹、提权--靶机渗透思路讲解【附靶机链接】
[ ]
【安全圈】知名黑客公开近30亿条国家公共数据,包括全名、地址、SSN...
[ ]
【安全圈】自2018年一直被黑客利用,Windows又一“后门”揭秘
[ ]
网络安全运营介绍
[ ]
【8/7特辑】热点漏洞速递
[ ]
通过Elasticsearch服务发现的信息泄露
[ ]
组组组合拳艰难渗透
[ ]
黑客诱捕器,钓的就是你
[ ]
从一个Potato插件看红队武器化开发
[ ]
奥运会比赛场馆遭勒索软件攻击
[ ]
每日安全动态推送(8-7)
[ ]
做好网络安全风险管理必备的5种能力
[ ]
【漏洞实例】微软云服务漏洞云安全漏洞 Azure CSV 注入漏洞
[ ]
【漏洞分享】亿赛通 Sql注入漏洞 电子文档安全管理系统 SaveCDGPermissionFromGFOA sql
[ ]
「漏洞复现」BladeX企业级开发平台 usual/list SQL 注入漏洞
[ ]
绕过CDN查看真实IP
[ ]
【事件解析】WazirX出了什么岔子?揭开印度最大加密货币黑客事件的真相
[ ]
【美国经济预警】前美联储顾问暗示美国陷入衰退,Airbnb预警经济放缓
[ ]
【人工智能新闻】OpenAI 联合创始人 John Schulman 转投竞争对手 Anthropic
[ ]
Gartner安全运营成熟度曲线:XDR、SOAR 泡沫破裂;TI 稳步爬升;EDR、SIEM 进入生产成熟期
[ ]
三足鼎立的SIEM、SOAR和XDR,看今朝!
[ ]
[周报]2024/8/1-2024/8/7 POC更新进度
[ ]
ansible对接操作系统升级脚本(终篇)
[ ]
【漏洞复现】Apache OFBiz系统存在ProgramExport命令执行漏洞
[ ]
简析网络安全中的伦理困境与道德守则
[ ]
论坛·原创 | 新技术环境下保密工作面临的挑战和应对策略
[ ]
员工工资直接与安全挂钩,微软改革将安全视为首要任务
[ ]
【漏洞速递】未授权RCE漏洞(附PoC)
[ ]
黑客教你怎么恢复聊天记录
[ ]
tcpdump与Wireshark实现服务端抓包与分析
[ ]
CVE-2024-38856 POC
[ ]
工业和信息化部哪些证书可以考,含金量咋样?
[ ]
信息安全漏洞周报(2024年第32期 )
[ ]
性能提升20%,字节跳动HTTPDNS从中心下沉到边缘
[ ]
[漏洞复现]章管家前台任意文件上传漏洞(XVE-2024-19042)
[ ]
一款全能型内网安全扫描工具
[ ]
实战| 一次host头中毒导致的逻辑漏洞(骚思路)
[ ]
从纽约到拉斯维加斯|BlockSec 8月美国之行
[ ]
解析YAML漏洞脚本,反向生成漏洞检索数据库
[ ]
秋天的第一杯奶茶,圈子请你喝
[ ]
人工智能将胶质母细胞瘤细胞重编程为树突状细胞,用于癌症免疫治疗
[ ]
Apache OFBiz (CVE-2024-38856) 漏洞复现
[ ]
IDA 技巧(39) 导出数据
[ ]
引爆树莓派潜力:一站式 ARM64 Hypervisor 学习平台!
[ ]
国家发展改革委 国家能源局 国家数据局发布《加快构建新型电力系统行动方案(2024—2027年)》
[ ]
供应链安全之:供应商攻击面的梳理与优化
[ ]
2024攻防演习天眼情报站 · 0806期
[ ]
网络安全信息与动态周报2024年第31期(7月29日-8月4日)
[ ]
今日立秋丨秋风送爽 安全护航
[ ]
【iOS逆向】某短视频sig3算法分析还原
[ ]
XCon2024议题:LLM Infra Security:大模型供应链的阿喀琉斯之踵
[ ]
勒索软件团伙利用新型 SharpRhino 恶意软件攻击 IT 工作者
[ ]
【好文推荐】生成式人工智能安全评估体系构建
[ ]
预告 | 今晚19点网安公开课,CSNAS流量分析从入门到精通
[ ]
【业界动态】江苏省数据集团有限公司成立,注册资本30亿
[ ]
AI安全新纪元:智能体驱动的网络安全新范式
[ ]
红海云ehr任意文件上传分析
[ ]
Claude(克劳德)太强了,直出文章没AI味(附 注册使用流程)
[ ]
攻防演练值守资源不足下的“灵活用工”最佳实践
[ ]
Redis未授权利用方式总结
[ ]
奇安信代码安全实验室研究员入选“2024 MSRC 全球最具价值安全研究者”榜单
[ ]
u200b以个人用户为目标的Magniber勒索软件攻击激增;黑客通过窃听HDMI电缆来窃取密码 | 牛xad览
[ ]
今日立秋|云天收夏色,木叶动秋声
[ ]
【资源推荐】WhenFS 文件系统:重新定义 Google 日历的用途
[ ]
山石上榜2024年微软全球最具价值安全研究员榜单
[ ]
【2024HW】近期最新\"瓜\"和\"动态\"(5)
[ ]
通过Apple漏洞实现账户接管
[ ]
招聘 | 代码审计值守
[ ]
多家中国企业入选Gartner成熟度曲线报告攻击面管理领域代表厂商
[ ]
【国际视野】美国SAFECOM发布《采用公共安全云计算的注意事项》指南
[ ]
记一次通过信息收集进入学校管理后台
[ ]
15年前盗走马化腾QQ的天才黑客怎么样了
[ ]
赛博观点|工业领域企业如何开展数据安全风险自查评估
[ ]
公布|《贵州省数据流通交易促进条例》
[ ]
分享一个免费轻量级的截图工具
[ ]
HVV技战法 | 借助威胁情报和自动化手段,提升防护处置能力
[ ]
深度:北约人工智能战略举措与影响分析
[ ]
Upload-Lab第8关:用点号法巧妙破解上传黑名单验证
[ ]
CTF闯关 | SQL注入类型
[ ]
工具分享 | CS功能详解
[ ]
@2024网民网络安全感满意度调查活动支持单位,请接收这一份感谢信!
[ ]
漏洞分析 | 某智慧管理平台RCE漏洞
[ ]
Apache OfBiz CVE-2024-32113和CVE-2024-36104 漏洞 POC
[ ]
Scala代码审计之痛 -- Scala与Java的爱恨情仇
[ ]
等级保护:网络安全事件分类分级思维导图
[ ]
【漏洞复现】某管理平台-search-info-leak-信息泄露漏洞
[ ]
2024赛博文化街:老周惊喜探馆,共赏极客潮流!【ISC.AI】
[ ]
实战 | 湾湾网站的肾透案例
[ ]
SC.AI 2024赛博文化街:老周惊喜探馆,共赏极客潮流!
[ ]
JSRPC|看不懂加密方式?稳了!以金融为例且提供最终样板脚本
[ ]
草根和科班的巅峰对决:全红婵和陈芋汐双赢!17岁天才姜萍,关于其数学决赛成绩的追问,也开始了!
[ ]
惊天大瓜!疑似护网红队在公网泄露金融行业账号密码
[ ]
【工具推荐】强大的图形化“社工密码生成器”
[ ]
新的暗网热点:GenAI账户交易
[ ]
聊聊我眼中的“红队武器化”
[ ]
CrowdStrike 发布 Falcon Sensor BSOD 崩溃根本原因分析
[ ]
朝鲜黑客 Moonstone Sleet 将恶意 JS 包推送至 npm Registry
[ ]
国际刑警组织追回 BEC 攻击中被盗的 4000 多万美元
[ ]
组织应该支付赎金吗?
[ ]
英国的IT 服务公司Advanced因LockBit攻击面临600万英镑罚款
[ ]
AI在网络安全运营(SOC)中的作用
[ ]
恶意应用程序利用新技巧绕过 Windows 安全警报长达六年
[ ]
数据泄露:30 亿份包含 SSN 的国家公共数据记录被泄露到网上(还是之前的 Jerico Pictures Inc,再发一次)
[ ]
绕过一切扫描,加强版CS发布
[ ]
2024黑帽大会的15个热门产品
[ ]
移动安全公司遭黑客攻击,上万设备被远程擦除
[ ]
使用开源卫星数据追踪俄罗斯在乌克兰的秘密导弹发射器
[ ]
Tenda Ac8v4 RCE漏洞挖掘与分析
[ ]
HW2024汇总-8.6(漏洞数229)
[ ]
漏洞复现| Apache OFBiz 授权不当致代码执行漏洞(CVE-2024-38856)
[ ]
从“蓝屏事件”说开来:“网络卫士”实为“黑客帝国”;|近30亿人个人数据遭暗网售卖,这家背调公司被起诉
[ ]
自2018年一直被黑客利用,Windows又一“后门”揭秘
[ ]
通过代码审计用友获取CNVD高危证书
[ ]
Burpsuite API敏感信息查找插件-v2.0.2
[ ]
朝鲜相关黑客攻击建筑和机械行业,使用水坑攻击和供应链攻击
[ ]
谷歌警告:Android内核漏洞正在被活跃攻击
[ ]
法国博物馆网络遭受了勒索软件攻击
[ ]
豪掷“万金”定制鲜花礼盒,竟是洗钱骗局?
[ ]
【漏洞复现】鲸发卡系统 /pay/xinhui/request_post 任意文件读取漏洞
[ ]
2024年“广东通信杯”广东省信息通信行业第四届网络安全技能大赛唯品会获得团体赛一等奖
[ ]
【2024-08-07】每日安全资讯摘要
[ ]
Hvv 日记 威胁情报 8.6 (漏洞、IP、样本)
Private Feed for M09Ic
[ ]
CHYbeta starred infosec-us-team/Immunefi-Bug-Bounty-Programs-Unofficial
[ ]
CHYbeta starred AdnaneKhan/Gato-X
[ ]
4ra1n released 0.2.0 at jar-analyzer/jar-obfuscator
[ ]
CHYbeta starred Ry0taK/first-sequence-sync
[ ]
INotGreen starred INotGreen/SharpScan
[ ]
mitre forked mitre/fhir-for-research from NIH-ODSS/fhir-for-research
[ ]
timwhitez starred TheWover/CertStealer
[ ]
CHYbeta started following jxhczhl
[ ]
L-codes starred killeven/DllToShellCode
[ ]
nightRainy started following killeven
[ ]
gh0stkey starred k3ppf0r/2024-PocLib
[ ]
nightRainy started following h3zh1
[ ]
CHYbeta starred wafinfo/DecryptTools
[ ]
nightRainy started following FunnyWolf
[ ]
nightRainy started following evilashz
[ ]
nightRainy started following lz520520
[ ]
nightRainy started following zema1
[ ]
threedr3am starred WebAssembly/wabt
[ ]
zema1 starred r-bk/rsdns
[ ]
gh0stkey starred drwetter/testssl.sh
[ ]
yzddmr6 starred CodeSecurityTeam/frp
[ ]
CHYbeta starred securitytemplates/sectemplates
Files ≈ Packet Storm
[ ]
Gentoo Linux Security Advisory 202408-13
[ ]
Debian Security Advisory 5740-1
[ ]
Mailcow TFA Authentication Bypass
[ ]
Firebeam CVE-2024-26229 Plugin
[ ]
WordPress PayPlus Payment Gateway SQL Injection
[ ]
Gentoo Linux Security Advisory 202408-12
[ ]
Debian Security Advisory 5739-1
[ ]
Ubuntu Security Notice USN-6945-1
[ ]
Gentoo Linux Security Advisory 202408-11
[ ]
Gentoo Linux Security Advisory 202408-10
[ ]
Gentoo Linux Security Advisory 202408-09
[ ]
Red Hat Security Advisory 2024-5067-03
[ ]
Red Hat Security Advisory 2024-5065-03
[ ]
Gentoo Linux Security Advisory 202408-08
[ ]
Gentoo Linux Security Advisory 202408-07
[ ]
Red Hat Security Advisory 2024-5056-03
[ ]
Red Hat Security Advisory 2024-5054-03
[ ]
Red Hat Security Advisory 2024-5041-03
[ ]
Red Hat Security Advisory 2024-5040-03
[ ]
Red Hat Security Advisory 2024-5025-03
[ ]
Gentoo Linux Security Advisory 202408-05
[ ]
E-Commerce Site Using PHP PDO 1.0 Directory Traversal
[ ]
Covid-19 Directory On Vaccination System 1.0 Insecure Settings
[ ]
Red Hat Security Advisory 2024-5024-03
[ ]
Red Hat Security Advisory 2024-5002-03
Tenable Blog
[ ]
Detecting Risky Third-party Drivers on Windows Assets
[ ]
Securing the AI Attack Surface: Separating the Unknown from the Well Understood
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
[ ]
勒索软件团伙利用新型 SharpRhino 恶意软件攻击 IT 工作者
[ ]
重磅推出 | 2024年上半年移动应用隐私安全观测报告
Forcepoint
[ ]
Risk to Reward: How ChatGPT Security Fuels AI Transformation
Twitter @bytehx
[ ]
Re @Afriauditor @sherlockdefi @code4rena That is awesome!
obaby@mars
[ ]
愚妄
Hex Rays
[ ]
Madame de Maintenon’s Enigmatic Bouillotte Game
Hexacorn
[ ]
Counting the API arguments…
SentinelOne
[ ]
Defusing AD-Based Risks | Best Practices for Securing Modern Directory Services
PortSwigger Research
[ ]
Splitting the email atom: exploiting parsers to bypass access controls
[ ]
Listen to the whispers: web timing attacks that actually work
Publications | Outflank
[ ]
Introducing Outflank C2 with Implant Support for Windows, macOS, and Linux
Reverse Engineering
[ ]
Tony Hawk's Pro Strcpy
[ ]
Need assistance
安全牛
[ ]
简析网络安全中的伦理困境与道德守则
[ ]
以个人用户为目标的Magniber勒索软件攻击激增;黑客通过窃听HDMI电缆来窃取密码 | 牛览
Microsoft Security Response Center
[ ]
Announcing BlueHat 2024: Call for Papers now open
Security Blog | Praetorian
[ ]
Embracing the Future: The Power of a Global Workforce in Cybersecurity
FreeBuf网络安全行业门户
[ ]
零基础网安就业,需要多久?
[ ]
知名黑客公开近30亿条国家公共数据,包括全名、地址、SSN...
[ ]
懂开发的网安人才,到底有多吃香?
[ ]
揭秘新型安卓间谍软件LianSpy的攻击手段
[ ]
FreeBuf早报 | 迄今为止最大BEC骗局被侦破;法国博物馆奥运期间遭遇网络攻击
[ ]
迄今为止最大BEC骗局被侦破!国际刑警组织利用I-GRIP为企业追回 4100 万美元
奇客Solidot–传递最新科技情报
[ ]
Valve 也许在开发《半条命3》
[ ]
研究称猫表现出对其它宠物死亡的悲痛之情
[ ]
马斯克将 X 变成个人的政治游乐场
[ ]
中国发射首批宽带卫星
[ ]
科学家发现尺寸最小的人类化石
[ ]
FireFox 129 释出
[ ]
Google Chrome 将允许用户打赏其喜欢的网站
[ ]
日产新车漆显著降低车内温度
[ ]
一村民被气象炮弹砸断腿
[ ]
新加坡学生设备数据因 Mobile Guardian 网络攻击事故被远程清除
[ ]
英国研究发现接种新冠疫苗有助于降低心脏病和中风风险
[ ]
罗伯特·索耶发布免费 DOS 版 WordStar 7
HackerNews
[ ]
一新型 Android 木马试图窃取土耳其用户的财务数据
[ ]
研究人员发现 Windows 智能应用控制和 SmartScreen 中的漏洞
[ ]
揭秘新型安卓间谍软件 LianSpy 的攻击手段
[ ]
谷歌称 Android 0day 漏洞(CVE-2024-36971)已被广泛利用
[ ]
黑客攻击数字教室管理平台 Mobile Guardian,新加坡 13000 台设备被远程清除数据
[ ]
法国博物馆网络遭勒索软件攻击,奥运会赛事未出现中断
腾讯玄武实验室
[ ]
每日安全动态推送(8-7)
奇安信威胁情报中心
[ ]
近期值得关注的IOC(2024-08-07)
[ ]
【8月6日获奖榜】以下网络安全专家已免费获赠阿瑞斯武器库批量查询工具
黑奇士
[ ]
创始人1.58亿买豪宅,裁员信不敢写“裁员”,得物到底怎么了?
看雪学苑
[ ]
逆向中的GL与着色器逆向
[ ]
创下新纪录,国际刑警组织为企业追回4000万美元
[ ]
今日更新:设计加壳软件 | .NET程序的文件解析及保护技术
安全内参
[ ]
巴黎奥运会比赛场馆遭勒索软件攻击
[ ]
微软宣布绩效改革:员工工资与安全直接挂钩
吾爱破解论坛
[ ]
吾爱破解安卓逆向入门教程《安卓逆向这档事》番外实战篇3-拨云见日之浅谈Flutter逆向
360漏洞云
[ ]
ISC.AI 2024赛博文化街:老周惊喜探馆,共赏极客潮流!
虎符智库
[ ]
深度:北约人工智能战略举措与影响分析
代码卫士
[ ]
奇安信代码安全实验室研究员入选“2024 MSRC 全球最具价值安全研究者”榜单
安全研究GoSSIP
[ ]
G.O.S.S.I.P 阅读推荐 2024-08-07 ESem
关键基础设施安全应急响应中心
[ ]
智能网联汽车网络安全事件分析溯源挑战与思考
[ ]
打击勒索最高一招?美拟立法将勒索软件攻击定性为恐怖主义
[ ]
知名电子大厂因勒索攻击损失超1.2亿元,此前曾停运两周
KCon 黑客大会
[ ]
演讲议题巡展 | 高级恶意软件开发之RDI的进化
[ ]
招募漏洞猎手!OPPO、字节跳动企业专场激战正酣,大奖等你解锁!
[ ]
【高端培训招募】KCon大会培训日,正式回归啦!
中国信息安全
[ ]
人物访谈 | 孙嘉蓬:践行数字经济强国战略,护航数字经济安全发展
[ ]
前沿 | 商用密码技术在工业企业场景化应用的探索
[ ]
专家观点 | 进一步确立个人信息保护合规审计标准——《数据安全技术 个人信息保护合规审计要求(征求意见稿)》的主要亮点及完善建议
[ ]
通知 | 网安标委就《网络安全标准实践指南—互联网平台停服数据处理安全要求(征求意见稿)》公开征求意见(附全文)
[ ]
关注 | 法国约40家博物馆数据系统被勒索软件攻击
[ ]
国际 | 日本网络犯罪事件增多,造成严重社会危害
[ ]
行业 | IDC发布中国隐私计算市场份额报告 蚂蚁数科位居第一
数世咨询
[ ]
勒索软件对基础设施企业带来巨额账单
[ ]
业内诚聘 | IT企业诚招人才 2024.8.7
知道创宇404实验室
[ ]
原创 Paper | 从零开始搭建本地安全 AI 大模型攻防知识库
情报分析师
[ ]
【情报报告】哈里斯的政策立场及与特朗普在关键问题上的比较
[ ]
美国加密货币ATM:诈骗者的新宠
CNCERT国家工程研究中心
[ ]
CrowdStrike与达美航空互撕,拒付5亿美元赔偿
[ ]
自2018年一直被黑客利用,Windows又一「后门」揭秘
[ ]
当鱼叉式网络钓鱼遇到大规模网络钓鱼
唯品会安全应急响应中心
[ ]
2024年“广东通信杯”广东省信息通信行业第四届网络安全技能大赛唯品会获得团体赛一等奖
斗象智能安全
[ ]
攻防演练值守资源不足下的“灵活用工”最佳实践
嘶吼专业版
[ ]
XCon2024议题:LLM Infra Security:大模型供应链的阿喀琉斯之踵
[ ]
勒索软件团伙利用新型 SharpRhino 恶意软件攻击 IT 工作者
Beacon Tower Lab
[ ]
【突发】国内大量家用路由器网络访问异常和流量劫持事件分析
[ ]
【0807】重保演习每日情报汇总
国家互联网应急中心CNCERT
[ ]
网络安全信息与动态周报2024年第31期(7月29日-8月4日)
极客公园
[ ]
爆火的小游戏,成了苹果 VS 腾讯的导火索
[ ]
OpenAI 再传人事巨变;特斯拉 Cybertruck 发生第一起死亡事故;罗永浩回应俞敏洪好友「五宗罪」 | 极客早知道
山石网科安全技术研究院
[ ]
山石上榜2024年微软全球最具价值安全研究员榜单
字节跳动技术团队
[ ]
性能提升20%,字节跳动HTTPDNS从中心下沉到边缘
360数字安全
[ ]
全球领创!360 AI企业浏览器开启智能办公新篇章
[ ]
AI增量一小步,安全运营一大步!ISC.AI 2024大模型重塑安全运营论坛召开!
迪哥讲事
[ ]
通过Elasticsearch服务发现的信息泄露
Shodan Blog
[ ]
5 Free Things for Everybody
Over Security - Cybersecurity news aggregator
[ ]
Ronin Network hacked, $12 million returned by "white hat" hackers
[ ]
SEC ends probe into MOVEit attacks impacting 95 million people
[ ]
FBI: BlackSuit ransomware made over $500 million in ransom demands
[ ]
Easterly: Too early to say if Supreme Court’s Chevron decision will affect cyber incident notification rules
[ ]
New CMoon USB worm targets Russians in data theft attacks
[ ]
Royal ransomware successor BlackSuit has demanded more than $500 million
[ ]
Windows Update downgrade attack "unpatches" fully-updated systems
[ ]
Cybercrime Rapper Sues Bank over Fraud Investigation
[ ]
UK IT provider faces $7.7 million fine for 2022 ransomware breach
[ ]
McLaren hospitals disruption linked to INC ransomware attack
[ ]
macOS Sequoia brings better Gatekeeper, stalkerware protections
[ ]
Hackers could spy on cellphone users by abusing 5G baseband flaws, researchers say
[ ]
Microsoft 365 anti-phishing feature can be bypassed with CSS
[ ]
How MSPs and MSSPs offer vCISO services with skilled CISOs in short supply
[ ]
Critical Progress WhatsUp RCE flaw now under active exploitation
[ ]
Cybercriminals target Canadian restaurant chain with Chameleon malware
[ ]
Facial authentication is surging across sports leagues. A tech exec explains the interest.
[ ]
60 Hurts per Second – How We Got Access to Enough Solar Power to Run the United States
[ ]
Un nuovo trend di phishing usa lo spear phishing per campagne massive
[ ]
Hacker cinesi hanno compromesso un ISP per distribuire malware
[ ]
NHS software supplier Advanced faces £6m fine over ransomware attack failings
NETRESEC Network Security Blog
[ ]
How to Inspect TLS Encrypted Traffic
Securityinfo.it
[ ]
Un nuovo trend di phishing usa lo spear phishing per campagne massive
[ ]
Hacker cinesi hanno compromesso un ISP per distribuire malware
bellingcat
[ ]
The Fall of Sheikh Hasina: Footage from the Streets of Bangladesh
Schneier on Security
[ ]
Problems with Georgia’s Voter Registration Portal
Graham Cluley
[ ]
Pig-butchering scammer targets BBC journalist
TorrentFreak
[ ]
ISPs Hijack Cloudflare/Google DNS Requests, Ending Site-Blocking Workarounds
[ ]
RIAA Backs AI Copyright Lawsuit Against Anthropic, Sees Similarities with Napster
The Register - Security
[ ]
Faulty instructions in Alibaba's T-Head C910 RISC-V CPUs blow away all security
[ ]
Fighting AI fire with AI fire
[ ]
Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net
[ ]
Police take just 2 days to recover $40M stolen in business email scam
[ ]
EQT buys majority share in Swiss cybersecurity biz Acronis
[ ]
UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack
[ ]
SharpRhino malware targets IT admins – Hunters International gang suspected
[ ]
Georgia's voter portal gets a crash course in client versus backend input validation
[ ]
Microsoft punches back at Delta Air Lines and its legal threats
[ ]
CrowdStrike hires outside security outfits to review troubled Falcon code
Security Affairs
[ ]
Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data
[ ]
New Android spyware LianSpy relies on Yandex Cloud to avoid detection
[ ]
Hackers breached MDM firm Mobile Guardian and wiped thousands of devices
Palo Alto Networks Blog
[ ]
Attack Vectors at a Glance
The Hacker News
[ ]
New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers
[ ]
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
[ ]
New Go-based Backdoor GoGra Targets South Asian Media Organization
[ ]
CrowdStrike Reveals Root Cause of Global System Outages
[ ]
Chameleon Android Banking Trojan Targets Users Through Fake CRM App
[ ]
Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
Full Disclosure
[ ]
KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection
[ ]
KL-001-2024-009: Journyx Reflected Cross Site Scripting
[ ]
KL-001-2024-008: Journyx Authenticated Remote Code Execution
[ ]
KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce
[ ]
KL-001-2024-006: Open WebUI Arbitrary File Upload + Path Traversal
[ ]
KL-001-2024-005: Open WebUI Stored Cross-Site Scripting
Deeplinks
[ ]
EFF Tells Yet Another Court to Ensure Everyone Has Access to the Law and Reject Private Gatekeepers
Technical Information Security Content & Discussion
[ ]
Tony Hawk's Pro Strcpy
[ ]
0.0.0.0 Day: Exploiting Localhost APIs From the Browser
[ ]
My keyboard was misbehaving so I had to exploit my NAS
[ ]
Exploiting authorization by nonce in WordPress plugins
[ ]
Extracting Forensics Data from Unitronics PLCs
[ ]
“Zovek” , My Offensive IoT Redteam Implant v1.0
Computer Forensics
[ ]
Why would splunk show a network login from a machine but the machine doesn't show anything?
[ ]
evaluating the authenticity of a scanned document pdf
Information Security
[ ]
VPN/Anonymizing IP list
[ ]
Cybersecurity Boom: Abnormal Security Closes Funding At 25x Revenue Valuation
[ ]
Announcing the Vulnerability Management program pack 1.0
Your Open Hacker Community
[ ]
How many “A”s to create a strong password?
[ ]
JohnTheRipper
[ ]
Be careful of free logs
[ ]
PortSwigger Clickjacking first lab
[ ]
Flashing an old device? Garmin
Blackhat Library: Hacking techniques and research
[ ]
Question: Windows Secure boot
[ ]
Hypothetically, if you stole my BTC would you return it?
Social Engineering
[ ]
Has anyone come across this statement?
Krebs on Security
[ ]
Cybercrime Rapper Sues Bank over Fraud Investigation
每日安全资讯(2024-08-08)